Knowledge Management

Deployment server

sekhar123
New Member

What is meant by deployment server and what does it do?

Labels (2)
0 Karma

sekhar123
New Member

Thank you for the reply gcusello

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @sekhar123,

Read the documentation and implement a lab to fully understand the advantages using the Forwarder Management feature using a Deployment Server.

let me know if I can help you more, or, please, accept one answer for the other people of Community.

Ciao and happy splunking

Giuseppe

P.S.: Karma Points are appreciated 😉

0 Karma

isoutamo
SplunkTrust
SplunkTrust

Hi

if you already have any CI/CD system up and running you could it instead of setting up DS.

Currently the biggest issues with DS are:

  • you cannot install/ update UF with it “natively” (doable wit own scripts)
  • you cannot serialize configuration installation and reboot e.g. parallel HFs

But if you haven’t already working system, you should use it.

r. Ismo

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @sekhar123,

as you can read at https://docs.splunk.com/Documentation/Splunk/9.0.5/Updating/Aboutdeploymentserver , a Deployment Server is a role that assume Splunk Enterprise in complex architectures.

Starting from the beginning:

it permits to push configurations to Universal and Heavy Forwarders in centralized way avoiding to access each of them one by one for each configuration update.

It can reside in a Splunk Server shared with other roles if it has to manage less than 50 clients, otherwise a dedicated server is required.

It's a full Splunk Enterprise installation without using the features of indexing and searching, but only Forwarder Management.

I hint to analyze it because it's a fondamental role in each Splunk architecture, as you can read at https://www.splunk.com/en_us/pdfs/tech-brief/splunk-validated-architectures.pdf

Ciao.

Giuseppe

0 Karma
Get Updates on the Splunk Community!

Almost Too Eventful Assurance: Part 1

Modern IT and Network teams still struggle with too many alerts and isolating issues before they are notified. ...

Demo Day: Strengthen Your SOC with Splunk Enterprise Security 8.1

Today’s threat landscape is more complex than ever. Security operation centers (SOCs) are overwhelmed with ...

Dashboards: Hiding charts while search is being executed and other uses for tokens

There are a couple of features of SimpleXML / Classic dashboards that can be used to enhance the user ...